Home » ZyXEL Manuals » Networking » ZyXEL P-660HN-51 » Manual Viewer

ZyXEL P-660HN-51 User Guide - Page 123

MAC Address Filter

Add to My Manuals
Save this manual to your list of manuals

Page 123 highlights

Chapter 8 Wireless LAN These security standards vary in effectiveness. Some can be broken, such as the old Wired Equivalent Protocol (WEP). Using WEP is better than using no security at all, but it will not keep a determined attacker out. Other security standards are secure in themselves but can be broken if a user does not use them properly. For example, the WPA-PSK security standard is very secure if you use a long key which is difficult for an attacker's software to guess - for example, a twenty-letter long string of apparently random numbers and letters - but it is not very secure if you use a short key which is very easy to guess - for example, a three-letter word from the dictionary. Because of the damage that can be done by a malicious attacker, it's not just people who have sensitive information on their network who should use security. Everybody who uses any wireless network should ensure that effective security is in place. A good way to come up with effective security keys, passwords and so on is to use obscure information that you personally will easily remember, and to enter it in a way that appears random and does not include real words. For example, if your mother owns a 1970 Dodge Challenger and her favorite movie is Vanishing Point (which you know was made in 1971) you could use "70dodchal71vanpoi" as your security key. The following sections introduce different types of wireless security you can set up in the wireless network. 8.8.3.1 SSID Normally, the ZyXEL Device acts like a beacon and regularly broadcasts the SSID in the area. You can hide the SSID instead, in which case the ZyXEL Device does not broadcast the SSID. In addition, you should change the default SSID to something that is difficult to guess. This type of security is fairly weak, however, because there are ways for unauthorized wireless devices to get the SSID. In addition, unauthorized wireless devices can still see the information that is sent in the wireless network. 8.8.3.2 MAC Address Filter Every device that can use a wireless network has a unique identification number, called a MAC address.1 A MAC address is usually written using twelve hexadecimal characters2; for example, 00A0C5000002 or 00:A0:C5:00:00:02. To get the MAC address for each device in the wireless network, see the device's User's Guide or other documentation. 1. Some wireless devices, such as scanners, can detect wireless networks but cannot use wireless networks. These kinds of wireless devices might not have MAC addresses. 2. Hexadecimal characters are 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, and F. P-660HN-TxA User's Guide 123

Section	Page
P-660HN-TxA	1
About This User's Guide	3
Document Conventions	5
Safety Warnings	7
Contents Overview	9
Table of Contents	11
User’s Guide	19
Introduction	21
1.1 Overview	21
1.2 Ways to Manage the ZyXEL Device	21
1.3 Good Habits for Managing the ZyXEL Device	22
1.4 Applications for the ZyXEL Device	22
1.4.1 Internet Access	22
1.5 Wireless Access	23
1.5.1 Using the WPS/WLAN Button	23
1.6 LEDs (Lights)	25
1.7 The RESET Button	26
1.7.1 Using the Reset Button	27
The Web Configurator	29
2.1 Overview	29
2.1.1 Accessing the Web Configurator	29
2.2 The Main Screen	31
2.2.1 Title Bar	32
2.2.2 Navigation Panel	32
2.2.3 Main Window	34
2.2.4 Status Bar	34
Status Screens	35
3.1 Overview	35
3.2 The Status Screen	35
Tutorials	39
4.1 Overview	39
4.2 Setting Up a Secure Wireless Network	39
4.2.1 Configuring the Wireless Network Settings	40
4.2.2 Using WPS	41
4.2.3 Without WPS	46
4.2.4 Setting Up Wireless Network Scheduling	46
4.3 Configuring the MAC Address Filter	47
4.4 Configuring Static Route for Routing to Another Network	49
4.5 Multiple Public and Private IP Address Mappings	52
4.5.1 Full Feature NAT + Many-to-Many No Overload Mapping	53
4.5.2 Full Feature NAT + One-to-One Mapping	54
4.6 Multiple WAN Connections Example	55
Technical Reference	57
Internet and Wireless Setup Wizard	59
5.1 Overview	59
5.2 Internet Access Wizard Setup	59
5.2.1 Manual Configuration	62
5.3 Wireless Connection Wizard Setup	68
5.3.1 Manually Assign a WPA-PSK key	70
5.3.2 Manually Assign a WEP Key	71
WAN Setup	73
6.1 Overview	73
6.1.1 What You Can Do in the WAN Screens	73
6.1.2 What You Need to Know About WAN	73
6.1.3 Before You Begin	74
6.2 The Internet Access Setup Screen	75
6.2.1 Advanced Internet Access Setup	77
6.3 The More Connections Screen	79
6.3.1 More Connections Edit	80
6.3.2 Configuring More Connections Advanced Setup	82
6.4 WAN Technical Reference	83
6.4.1 Encapsulation	83
6.4.2 Multiplexing	85
6.4.3 VPI and VCI	85
6.4.4 IP Address Assignment	85
6.4.5 Nailed-Up Connection (PPP)	86
6.4.6 NAT	86
6.5 Traffic Shaping	86
6.5.1 ATM Traffic Classes	87
LAN Setup	89
7.1 Overview	89
7.1.1 What You Can Do in the LAN Screens	89
7.1.2 What You Need To Know About LAN	90
7.1.3 Before You Begin	91
7.2 The LAN IP Screen	91
7.2.1 The Advanced LAN IP Setup Screen	92
7.3 The DHCP Setup Screen	93
7.4 The Client List Screen	94
7.5 The IP Alias Screen	95
7.5.1 Configuring the LAN IP Alias Screen	96
7.6 LAN Technical Reference	97
7.6.1 LANs, WANs and the ZyXEL Device	98
7.6.2 DHCP Setup	98
7.6.3 DNS Server Addresses	98
7.6.4 LAN TCP/IP	99
7.6.5 RIP Setup	100
7.6.6 Multicast	101
Wireless LAN	103
8.1 Overview	103
8.1.1 What You Can Do in the Wireless LAN Screens	103
8.1.2 What You Need to Know About Wireless	104
8.1.3 Before You Start	104
8.2 The AP Screen	105
8.2.1 No Security	106
8.2.2 WEP Encryption	107
8.2.3 WPA(2)-PSK	108
8.2.4 WPA(2) Authentication	109
8.2.5 Wireless LAN Advanced Setup	110
8.2.6 MAC Filter	112
8.3 The More AP Screen	113
8.3.1 More AP Edit	114
8.4 The WPS Screen	115
8.5 The WPS Station Screen	116
8.6 The WDS Screen	117
8.7 The Scheduling Screen	119
8.8 Wireless LAN Technical Reference	120
8.8.1 Wireless Network Overview	120
8.8.2 Additional Wireless Terms	122
8.8.3 Wireless Security Overview	122
8.8.4 Signal Problems	125
8.8.5 BSS	125
8.8.6 MBSSID	126
8.8.7 Wireless Distribution System (WDS)	127
8.8.8 WiFi Protected Setup (WPS)	127
Network Address Translation (NAT)	135
9.1 Overview	135
9.1.1 What You Can Do in the NAT Screens	135
9.1.2 What You Need To Know About NAT	135
9.2 The NAT General Setup Screen	137
9.3 The Port Forwarding Screen	138
9.3.1 Configuring the Port Forwarding Screen	139
9.3.2 The Port Forwarding Rule Edit Screen	141
9.4 The Address Mapping Screen	142
9.4.1 The Address Mapping Rule Edit Screen	144
9.5 The ALG Screen	145
9.6 NAT Technical Reference	146
9.6.1 NAT Definitions	146
9.6.2 What NAT Does	146
9.6.3 How NAT Works	147
9.6.4 NAT Application	148
9.6.5 NAT Mapping Types	148
Firewall	151
10.1 Overview	151
10.1.1 What You Can Do in the Firewall Screens	151
10.1.2 What You Need to Know About Firewall	151
10.2 The Firewall Screen	153
Filters	155
11.1 Overview	155
11.1.1 What You Can Do in the Filter Screens	155
11.1.2 What You Need to Know About Filtering	155
11.2 The URL Filter Screen	156
11.3 The Application Filter Screen	157
11.4 The IP/MAC Filter Screen	158
Static Route	161
12.1 Overview	161
12.1.1 What You Can Do in the Static Route Screens	162
12.2 The Static Route Screen	162
12.2.1 Static Route Edit	163
802.1Q/1P	165
13.1 Overview	165
13.1.1 What You Can Do in the 802.1Q/1P Screens	165
13.1.2 What You Need to Know About 802.1Q/1P	165
13.2 The 802.1Q/1P Group Setting Screen	166
13.2.1 Editing 802.1Q/1P Group Setting	168
13.3 The 802.1Q/1P Port Setting Screen	169
Quality of Service (QoS)	171
14.1 Overview	171
14.1.1 What You Can Do in the QoS Screens	172
14.1.2 What You Need to Know About QoS	172
14.2 The QoS Screen	173
14.2.1 The QoS Settings Summary Screen	175
14.3 QoS Technical Reference	176
14.3.1 IEEE 802.1p	176
14.3.2 IP Precedence	177
14.3.3 Automatic Priority Queue Assignment	177
Dynamic DNS Setup	179
15.1 Overview	179
15.1.1 What You Can Do in the DDNS Screen	179
15.1.2 What You Need To Know About DDNS	179
15.2 The Dynamic DNS Screen	180
Remote Management	181
16.1 Overview	181
16.1.1 What You Can Do in the Remote Management Screens	182
16.1.2 What You Need to Know About Remote Management	182
16.2 The WWW Screen	183
16.2.1 Configuring the WWW Screen	183
16.3 The Telnet Screen	184
16.4 The FTP Screen	185
16.5 The SNMP Screen	186
16.5.1 Configuring SNMP	187
16.6 The DNS Screen	188
16.7 The ICMP Screen	189
Universal Plug-and-Play (UPnP)	191
17.1 Overview	191
17.1.1 What You Can Do in the UPnP Screen	191
17.1.2 What You Need to Know About UPnP	191
17.2 The UPnP Screen	193
17.3 Installing UPnP in Windows Example	194
17.4 Using UPnP in Windows XP Example	197
CWMP	203
18.1 Overview	203
18.2 The CWMP Setup Screen	204
System Settings	207
19.1 Overview	207
19.1.1 What You Can Do in the System Settings Screens	207
19.2 The General Screen	207
19.3 The Time and Date Screen	208
Logs	211
20.1 Overview	211
20.1.1 What You Need To Know About Logs	211
20.2 The System Log Screen	211
20.3 Log Descriptions	213
Tools	221
21.1 Overview	221
21.1.1 What You Can Do in the Tool Screens	221
21.2 The Firmware Screen	221
21.3 The Configuration Screen	224
21.4 The Restart Screen	227
Diagnostic	229
22.1 Overview	229
22.1.1 What You Can Do in the Diagnostic Screens	229
22.2 The General Screen	229
22.3 The DSL Line Screen	230
Troubleshooting	233
23.1 Power, Hardware Connections, and LEDs	233
23.2 ZyXEL Device Access and Login	234
23.3 Internet Access	236
Product Specifications	239
24.1 Hardware Specifications	239
24.2 Firmware Specifications	239
24.3 Wireless Features	243
24.4 Power Adaptor Specifications	246
Setting up Your Computer’s IP Address	247
IP Addresses and Subnetting	271
Pop-up Windows, JavaScripts and Java Permissions	281
Wireless LANs	291
Services	307
Legal Information	311

Match case Limit results 1 per page

Chapter 8 Wireless LAN

P-660HN-TxA User’s Guide

123

These security standards vary in effectiveness. Some can be broken, such as the

old Wired Equivalent Protocol (WEP). Using WEP is better than using no security at

all, but it will not keep a determined attacker out. Other security standards are

secure in themselves but can be broken if a user does not use them properly. For

example, the WPA-PSK security standard is very secure if you use a long key

which is difficult for an attacker’s software to guess - for example, a twenty-letter

long string of apparently random numbers and letters - but it is not very secure if

you use a short key which is very easy to guess - for example, a three-letter word

from the dictionary.

Because of the damage that can be done by a malicious attacker, it’s not just

people who have sensitive information on their network who should use security.

Everybody who uses any wireless network should ensure that effective security is

in place.

A good way to come up with effective security keys, passwords and so on is to use

obscure information that you personally will easily remember, and to enter it in a

way that appears random and does not include real words. For example, if your

mother owns a 1970 Dodge Challenger and her favorite movie is Vanishing Point

(which you know was made in 1971) you could use “70dodchal71vanpoi” as your

security key.

The following sections introduce different types of wireless security you can set up

in the wireless network.

8.8.3.1

SSID

Normally, the ZyXEL Device acts like a beacon and regularly broadcasts the SSID

in the area. You can hide the SSID instead, in which case the ZyXEL Device does

not broadcast the SSID. In addition, you should change the default SSID to

something that is difficult to guess.

This type of security is fairly weak, however, because there are ways for

unauthorized wireless devices to get the SSID. In addition, unauthorized wireless

devices can still see the information that is sent in the wireless network.

8.8.3.2

MAC Address Filter

Every device that can use a wireless network has a unique identification number,

called a MAC address.

A MAC address is usually written using twelve hexadecimal

characters

; for example, 00A0C5000002 or 00:A0:C5:00:00:02. To get the MAC

address for each device in the wireless network, see the device’s User’s Guide or